A Layer 3 Network is the third layer of the Open Systems Interconnection (OSI) Model, or network layer. Layer 3 provides the network’s routing and switching logic that creates network paths known as virtual circuits (VC). VCs are required for the transmission of data between network nodes. The main functions of Layer 3 include routing and forwarding, as well as internetworking, addressing, packet sequencing, congestion control, and error handling. The protocols used in Layer 3 include:
- Internet Protocols IPv4/v6
- Internet Control Message Protocol (ICMP)
- Distance Vector Multicast Routing Protocol (DVMRP)
- Internet Group Management Protocol (IGMP)
- Address Resolution Protocol (ARP)
- Internet Protocol Security (IPsec)
- Routing Information Protocol (RIP)
What does a Layer 3 Network mean to an SMB?
Layer 3 networks can be helpful in many ways for an SMB. This includes controlling spurious traffic such as Address Resolution Protocol requests (ARP). This is where a machine sends its MAC address via an ARP broadcast to every other system in their network. A Layer 3 switch, router, or Firewall can block such traffic reducing the number of packets each system has to monitor and track. This also blocks other broadcast and multicast network traffic reducing the CPU load of machines required to process these packets.
However, by far one of the largest benefits of maintaining layer three capabilities in your SMB is network segmentation. This allows you to limit the spread of viruses if a mistake occurs. It allows you to limit the ability of hackers to move laterally in your networks, and it provides the opportunity to design a network with subnetworks that are all purpose-built – accounting & finance is Network 1, Camera Surveillance is Network 2, Badge access control is network 3, and so on. These can be done in a variety of ways from using physical ports in your firewall to Private Virtual Local Area Networks (PVLANS) in a layer three router. SMBs should look into this, and segment their network however logically it should be controlled.
Additional Cybersecurity Recommendations
Additionally, these recommendations below will help you and your business stay secure with the various threats you may face on a day-to-day basis. All of the suggestions listed below can be gained by hiring CyberHoot’s vCISO Program development services.
- Govern employees with policies and procedures. You need a password policy, an acceptable use policy, an information handling policy, and a written information security program (WISP) at a minimum.
- Train employees on how to spot and avoid phishing attacks. Adopt a Learning Management system like CyberHoot to teach employees the skills they need to be more confident, productive, and secure.
- Test employees with Phishing attacks to practice. CyberHoot’s Phish testing allows businesses to test employees with believable phishing attacks and put those that fail into remedial phish training.
- Deploy critical cybersecurity technology including two-factor authentication on all critical accounts. Enable email SPAM filtering, validate backups, deploy DNS protection, antivirus, and anti-malware on all your endpoints.
- In the modern Work-from-Home era, make sure you’re managing personal devices connecting to your network by validating their security (patching, antivirus, DNS protections, etc) or prohibiting their use entirely.
- If you haven’t had a risk assessment by a 3rd party in the last 2 years, you should have one now. Establishing a risk management framework in your organization is critical to addressing your most egregious risks with your finite time and money.
- Buy Cyber-Insurance to protect you in a catastrophic failure situation. Cyber-Insurance is no different than Car, Fire, Flood, or Life insurance. It’s there when you need it most.
All of these recommendations are built into CyberHoot the product or CyberHoot’s vCISO Services. With CyberHoot you can govern, train, assess, and test your employees. Visit CyberHoot.com and sign up for our services today. At the very least continue to learn by enrolling in our monthly Cybersecurity newsletters to stay on top of current cybersecurity updates.
Watch this video for more information on the OSI Model:
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
- Cybrary (Cyber Library)
- Press Releases
- Instructional Videos (HowTo) – very helpful for our SuperUsers!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.